• FBI Warns {broken} iPhone And Android Users - Stop Sending Texts

    From hedrick@21:1/5 to All on Wed Dec 4 00:16:06 2024
    XPost: misc.phone.mobile.iphone, comp.os.linux.advocacy, sac.politics
    XPost: talk.politics.guns

    Timing is everything. Just as Apple’s adoption of RCS had seemed to
    signal a return to text messaging versus the unstoppable growth of
    WhatsApp, then along comes a surprising new hurdle to stop that in its
    tracks. While messaging Android to Android or iPhone to iPhone is
    secure, messaging from one to the other is not.

    Now even the FBI and CISA, the US cyber defense agency, are warning
    Americans to use fully encrypted messaging and phone calls where they
    can. The backdrop is the Chinese hacking of US networks that is
    reportedly “ongoing and likely larger in scale than previously
    understood.” Fully encrypted comms is the best defense against this compromise, and Americans are being urged to use that wherever possible.

    The network cyberattacks, attributed to Salt Typhoon, a group associated
    with China’s Ministry of Public Security, has generated heightened
    concern as to the vulnerabilities within critical US communication
    networks. The reality is different. Without fully end-to-end encrypted messaging and calls, there has always been a potential for content to be intercepted. That’s the entire reason the likes of Apple, Google and
    Meta advise its use, highlighting the fact that even they can’t see content.

    As reported by Politico, advice given by CISA’s Jeff Greene and an
    unnamed FBI senior official included “strongly urging Americans to ‘use your encrypted communications where you have it… we definitely need to
    do that, kind of look at what it means long-term, how we secure our networks’.”

    NBC News
    @NBCNews
    Amid an unprecedented cyberattack on telecommunications companies such
    as AT&T and Verizon, U.S. officials are recommending that Americans use encrypted messaging apps to ensure their communications stay hidden from foreign hackers.

    https://x.com/NBCNews/status/1864055798302683219

    The two officials briefing the media went as far as to suggest “that Americans should use encrypted apps for all their communications,”
    according to other reports (1,2). That means stop sending texts between
    iPhones and Androids, albeit iMessages and Google Messages are fully
    encrypted between users on those platforms.

    Greene added that “our suggestion, what we have told folks internally,
    is not new here: encryption is your friend, whether it's on text
    messaging or if you have the capacity to use encrypted voice
    communication. Even if the adversary is able to intercept the data, if
    it is encrypted, it will make it impossible.”

    An alert into the ongoing telco network hacks jointly issued by FBI,
    CISA and NSA—as well as other Five Eyes agencies—was released on Tuesday.

    The lack of end-to-end encryption to protect cross-platform RCS, the
    successor to SMS, is a glaring omission. It was highlighted in Samsung’s recent celebratory PR release on the success of RCS, which included the
    caveat that only Android to Android messaging is secured. It remains a
    stark irony that while Google and Apple separately advise Android and
    iPhone users to rely on end-to-end encryption, when it comes to RCS it’s still missing, with no timeline in sight for a fix.

    The mobile standard setter, GSMA, and Google have said encryption will
    be coming to RCS, but there’s no firm date yet. That assurance seemed a response to the backlash post Apple’s update with the media pickup on
    the security issue. Apple—whose iPhone ecosystem includes ever more
    fully encryption, has not commented.

    My advice remains to use WhatsApp over RCS for cross-platform messaging
    until such a time as RCS adds full encryption between iPhones and
    Androids. Once you step outside Apple’s or Google’s walled garden, the security protections fall away. With good secured platforms available,
    it’s not worth taking the risk.

    There are other fully encrypted platforms as well—notably Signal, the
    best of the bunch, albeit with a much smaller install base. Even
    Facebook Messenger now fully encrypts messaging, making standard SMS/RCS texting even more an outlier. Signal and WhatsApp also enable fully
    encrypted voice and video calls cross platform, and so they should also
    be your default choices given this FBI/CISA warning.

    Ironically, Apple’s iOS 18.2, due this month, will enable iPhone users
    to change the default messenger on their devices from iMessage. Timing
    really is everything.

    Follow me on Twitter or LinkedIn.
    Zak Doffman

    Join The Conversation

    Sara T
    2 hours ago

    Welp unless they want to drop 1k or more for me a new phone that's apple
    or my friend that apple to get an android. I'm still going to have to
    because we're working with older phones and they're paid off. We don't
    have thousands of dollars to buy a replacement that really isn't needed
    since ours work just fine.

    We're barely scraping by as it is and that is living with our parents to
    help out.

    Spiro M
    6 hours ago

    Oh save us FIB from the boogyman!

    Americans are frightened and we need the FIB to protect us!

    Raid Americans houses at 4:00 am and go through our underwear draws!

    J. Edgar Hoover would be proud of that!

    Robert A
    6 hours ago

    The service was created by WhatsApp Inc. of Mountain View, California,
    which was acquired by Facebook in February 2014 for approximately
    US$19.3 billion.

    https://www.forbes.com/sites/zakdoffman/2024/12/03/fbi-warns-iphone-and-android-users-stop-sending-texts/

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From D@21:1/5 to hedrick on Wed Dec 4 19:49:05 2024
    On Wed, 4 Dec 2024 00:16:06 -0800, hedrick <sky-is-falling@sqwak.com> wrote: snip
    There are other fully encrypted platforms as well

    nothing in the universe is "fully encrypted" (only storefront agents,
    troll farm operatives, snitches, etc. would ever make such ludicrous
    claims), but some users may have realistic concerns about preventing unauthorized access to content, regardless of its format or function

    as a minimum standard, experts recommended "whole message encryption"
    for communication... see https://www.danner-net.de/omom/tutorwme.htm

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)